From 79c080709e90aed5a0080d9c4d2b042aba412823 Mon Sep 17 00:00:00 2001
From: spsocprime <94110440+spsocprime@users.noreply.github.com>
Date: Fri, 19 Jul 2024 17:14:30 +0300
Subject: [PATCH] field mapping update
---
.../mappings/platforms/qradar/proxy.yml | 13 ++++--
.../mappings/platforms/qradar/webserver.yml | 42 +++++++++++++------
2 files changed, 39 insertions(+), 16 deletions(-)
diff --git a/uncoder-core/app/translator/mappings/platforms/qradar/proxy.yml b/uncoder-core/app/translator/mappings/platforms/qradar/proxy.yml
index 193bc79c..75ca74a3 100644
--- a/uncoder-core/app/translator/mappings/platforms/qradar/proxy.yml
+++ b/uncoder-core/app/translator/mappings/platforms/qradar/proxy.yml
@@ -13,13 +13,16 @@ field_mapping:
- URL
- XForceCategoryByURL
c-useragent: User Agent
- cs-method: HTTP Method
+ cs-method:
+ - HTTP Method
+ - Method
cs-bytes: Bytes Sent
#cs-cookie-vars: cs-cookie-vars
c-uri-extension: URL
c-uri-query:
- URL
- URL Path
+ - URL Query String
#cs-cookie: cs-cookie
cs-host:
- UrlHost
@@ -32,6 +35,10 @@ field_mapping:
r-dns:
- UrlHost
- URL Host
- sc-status: HTTP Response Code
+ sc-status:
+ - HTTP Response Code
+ - Response Code
#post-body: post-body
- url_category: XForceCategoryByURL
\ No newline at end of file
+ url_category:
+ - XForceCategoryByURL
+ - Web Category
\ No newline at end of file
diff --git a/uncoder-core/app/translator/mappings/platforms/qradar/webserver.yml b/uncoder-core/app/translator/mappings/platforms/qradar/webserver.yml
index 11a769f6..ad002ea6 100644
--- a/uncoder-core/app/translator/mappings/platforms/qradar/webserver.yml
+++ b/uncoder-core/app/translator/mappings/platforms/qradar/webserver.yml
@@ -9,17 +9,33 @@ default_log_source:
devicetype: 10
field_mapping:
- c-uri: URL
- c-useragent: c-useragent
- cs-method: cs-method
+ c-uri:
+ - URL
+ - XForceCategoryByURL
+ c-useragent: User Agent
+ cs-method:
+ - HTTP Method
+ - Method
cs-bytes: Bytes Sent
- cs-cookie-vars: cs-cookie-vars
- c-uri-extension: c-uri-extension
- c-uri-query: URL
- cs-cookie: cs-cookie
- cs-host: cs-host
- cs-referrer: URL Referrer
- cs-version: cs-version
- r-dns: r-dns
- sc-status: sc-status
- post-body: post-body
\ No newline at end of file
+ #cs-cookie-vars: cs-cookie-vars
+ c-uri-extension: URL
+ c-uri-query:
+ - URL
+ - URL Path
+ - URL Query String
+ #cs-cookie: cs-cookie
+ cs-host:
+ - UrlHost
+ - URL Host
+ - URL Domain
+ cs-referrer:
+ - URL Referrer
+ - Referrer URL
+ cs-version: HTTP Version
+ r-dns:
+ - UrlHost
+ - URL Host
+ sc-status:
+ - HTTP Response Code
+ - Response Code
+ #post-body: post-body
\ No newline at end of file
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy